package com.wk.config;

import at.pollux.thymeleaf.shiro.dialect.ShiroDialect;
import org.apache.shiro.spring.web.ShiroFilterFactoryBean;
import org.apache.shiro.web.mgt.DefaultWebSecurityManager;
import org.springframework.beans.factory.annotation.Qualifier;
import org.springframework.context.annotation.Bean;
import org.springframework.context.annotation.Configuration;
import org.springframework.web.servlet.config.annotation.ViewControllerRegistry;
import org.springframework.web.servlet.config.annotation.WebMvcConfigurer;
import org.springframework.web.socket.server.standard.ServerEndpointExporter;

import java.util.LinkedHashMap;
import java.util.Map;

/**
 * @program: thesis
 * @description: 实现Shiro功能
 * @author: 王侃
 * @create: 2020-02-13 17:36
 **/

@Configuration
public class Shiroconfig implements WebMvcConfigurer {


    //设置跳转界面
    @Override
    public void addViewControllers(ViewControllerRegistry registry) {
        registry.addViewController("/").setViewName("student/login");
    }

    //shiro工厂
    @Bean
    public ShiroFilterFactoryBean shiroFilterFactoryBean(@Qualifier("defaultWebSecurityManager") DefaultWebSecurityManager defaultWebSecurityManager)
    {
        ShiroFilterFactoryBean bean=new ShiroFilterFactoryBean();
        //设置安全管理器
        bean.setSecurityManager(defaultWebSecurityManager);
        //添加shiro的内置过滤器
        /*
            anon:无需认证就可以访问
            authc:必须认证才能访问
            user:必须拥有记住我功能才能用
            perms:拥有对某个资源的权限才能访问
            role:拥有某个角色权限才能访问
         */
        Map<String ,String> maps=new LinkedHashMap<>();


        //需要认证才能访问
        maps.put("/success","authc");
        maps.put("/main","authc");

        //需要授权才能访问，只有拥有stu这个权限的才能访问
        maps.put("/stu/**","perms[stu]");
        maps.put("/tea/**","perms[tea]");
        maps.put("/admin/**","perms[admin]");

        maps.put("/layui/**","anon");
        maps.put("/editor/**","anon");
        maps.put("/layer/**","anon");
        maps.put("/lib/**","anon");
        maps.put("/icon/**","anon");
        maps.put("/","anon");
        maps.put("/css/**","anon");
        maps.put("/js/**","anon");
        maps.put("/fonts/**","anon");
        maps.put("/images/**","anon");

        bean.setFilterChainDefinitionMap(maps);

        //设置未授权页面,只有认证却没有授权则访问这个路径
        bean.setUnauthorizedUrl("/unauth");

        //如果认证失败，则退到登录界面
        bean.setLoginUrl("/login");

        return bean;
    }

    //安全管理
    @Bean(name = "defaultWebSecurityManager")
    public DefaultWebSecurityManager defaultWebSecurityManager(@Qualifier("userRealm") UserRealm userRealm)
    {
        DefaultWebSecurityManager securityManager=new DefaultWebSecurityManager();
        //关联UserRealm
        securityManager.setRealm(userRealm);
        return securityManager;
    }

    //创建realm对象,需要自定义
    @Bean(name = "userRealm")
    public UserRealm userRealm()
    {
        return new UserRealm();
    }

    //只有整合shiroDialect,才能整合shiro-thymeleaf
    @Bean
    public ShiroDialect shiroDialect()
    {
        return new ShiroDialect();
    }


}
